TCP: Difference between revisions
Revision as of 13:51, 19 July 2017
External
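- [1] http://www.ietf.org/rfc/rfc793.txt
- [2] http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#TCPCHARACTERISTICS
- [3] http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#TCPCONNECTIONS
- TCP Timeout and Retransmission [4] http://repo.hackerzvoice.net/depot_madchat/ebooks/TCP-IP_Illustrated/tcp_time.htm
- TCP/IP Illustrated, Volume 1: The Protocols, W. Richard Stevens [5] http://repo.hackerzvoice.net/depot_madchat/ebooks/TCP-IP_Illustrated/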
Internal
Overview
TCP (Transmission Control Protocol) resides on top of the IP protocol. It is a stateful protocol, and its primary responsibility is to make sure the data was received properly by the other host. It does so by ensuring that the data is reliably received and sent, that the data is transported between the Internet layer and the Application layer correctly, and that the packets reach the proper program in the application layer, in the right order.
TCP Life Cycle
TCP looks at data as a continuous data stream with a start and a stop signal.
Handshake
The signal that a new stream is waiting to be opened is the TCP three-way handshake, which starts with one packet sent with the SYN bit set. The other end then answers with either SYN/ACK or SYN/RST to let the client know whether the connection was accepted or denied, respectively.
If the client receives a SYN/ACK packet, it replies once more, this time with an ACK packet. At this point, the whole connection is established and data can be sent. During this initial handshake, all of the specific options that will be used throughout the rest of the TCP connection are also negotiated, such as ECN, SACK, etc.
ESTABLISHED Connection
While the data stream is alive, TCP ensures that the packets are actually received properly by the other end. This is done using a Sequence number in the packet. Every time we send a packet, we give a new value to the Sequence number, and when the other end receives the packet, it sends an ACK packet back to the data sender. The ACK packet acknowledges that the packet was received properly. The sequence number also ensures that the packet is inserted into the data stream in the correct order.
Closing the Connection
To close the connection, either end-point sends a FIN packet. The other end then responds by sending a FIN/ACK packet. The FIN-sending end can then no longer send any data, but the other end-point can still finish sending data. Once the second end-point wishes to close the connection totally, it sends a FIN packet back to the originally closing end-point, and that end-point replies with a FIN/ACK packet. Once this whole procedure is done, the connection is torn down properly.
TIME_WAIT State
By default, a connection is supposed to stay in the TIME_WAIT state for twice the MSL. Its purpose is to make sure any lost packets that arrive after a connection is closed do not confuse the TCP subsystem. The default MSL is 60 seconds, which puts the default TIME_WAIT timeout value at 2 minutes.
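The life cycle above can be followed segment by segment, which is what a stateful packet filter does when it decides whether a packet belongs to a known connection. The Python sketch below is an added example, not part of the original page; the state names, the sender labels A and B, and the sample headers are constructed for illustration, and any segment that does not fit the described sequence is reported as INVALID.

```python
import struct

MSL = 60  # seconds; the default quoted above, so TIME_WAIT lasts 2 * MSL
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
BITS = {"FIN": FIN, "SYN": SYN, "RST": RST, "ACK": ACK}

def header(flags):
    """Constructed 20-byte TCP header (ports fixed at 40000 -> 80, no options)."""
    return struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, flags, 65535, 0, 0)

def flags_of(hdr):
    """Decode the control bits from byte 13 of the header (RFC 793 layout)."""
    return frozenset(n for n, bit in BITS.items() if hdr[13] & bit)

def track(segments):
    """Walk (time, sender, header) tuples; return [(time, state or 'INVALID')]."""
    state, fins, first, out = "CLOSED", set(), None, []
    for t, sender, hdr in segments:
        f, new = flags_of(hdr), None
        if "RST" in f:
            new, fins, first = "CLOSED", set(), None   # refused or aborted
        elif state == "CLOSED" and f == {"SYN"}:
            new = "SYN_SENT"
        elif state == "SYN_SENT" and f == {"SYN", "ACK"}:
            new = "SYN_RECV"
        elif state == "SYN_RECV" and f == {"ACK"}:
            new = "ESTABLISHED"
        elif state in ("ESTABLISHED", "CLOSING") and "SYN" not in f:
            new = state
            if "FIN" in f:
                fins.add(sender)
                first, new = first or sender, "CLOSING"
            if len(fins) == 2 and sender == first and "ACK" in f:
                new = "TIME_WAIT"      # first closer acknowledged the peer's FIN
        state = new or state
        out.append((t, new or "INVALID"))  # INVALID: does not fit the life cycle
    return out

def state_at(history, now):
    """State at `now`; TIME_WAIT falls back to CLOSED after 2 * MSL."""
    valid = [(t, s) for t, s in history if s != "INVALID"]
    t, s = valid[-1] if valid else (0, "CLOSED")
    return "CLOSED" if s == "TIME_WAIT" and now - t >= 2 * MSL else s

# Constructed sample: handshake, then the four-packet close described above.
SAMPLE = [(0, "A", header(SYN)), (0, "B", header(SYN | ACK)), (0, "A", header(ACK)),
          (5, "A", header(FIN)), (5, "B", header(FIN | ACK)),
          (6, "B", header(FIN)), (6, "A", header(FIN | ACK))]
```

Calling track(SAMPLE) walks the connection from SYN_SENT to TIME_WAIT, and a lone ACK with no preceding SYN comes back as INVALID, the kind of out-of-state segment a stateful filter would drop.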